Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b0ffd4d-438a-4e2c-b031-fc3262c616f2.roa
File: 5b0ffd4d-438a-4e2c-b031-fc3262c616f2.roa (raw, json)
Hash identifier: Oy0tssVp1nj0F/L4U0J5qiOEyoZwxn7YF9VS9t8NtbM=
Subject key identifier: 7B:E7:C0:2B:E6:35:A0:6D:11:AE:02:F8:11:04:FF:C4:8F:CA:0A:6E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0E71A52CD22B130ADEABBBDEE3A41D819C0120EA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b0ffd4d-438a-4e2c-b031-fc3262c616f2.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da18:8000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:71:a5:2c:d2:2b:13:0a:de:ab:bb:de:e3:a4:1d:81:9c:01:20:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=c9d73cb21d72451dc14c4adfd19f024c15aaebc21e554ce5c2ef53ecad3d6bf5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:00:4b:93:b9:24:1d:49:d4:32:61:de:d5:29:
b4:5f:dc:74:7a:8e:d4:f4:cb:d2:91:6c:d9:dd:59:
17:26:7e:c4:ca:18:10:57:23:14:81:df:4f:10:7c:
7a:65:42:9d:eb:5d:68:be:8f:83:13:97:3f:ae:c2:
29:96:ab:db:75:53:24:a7:34:0f:ef:41:eb:eb:78:
d3:13:80:f6:ba:1b:36:1c:16:c1:5e:09:79:f7:53:
28:a6:22:09:f9:75:18:ca:55:28:27:15:d2:f8:b5:
6e:69:9b:d7:5f:f8:13:c1:bf:e7:33:91:48:3d:26:
34:e9:c1:6d:50:76:22:36:5f:21:1d:95:7d:8d:38:
b4:1c:76:a2:38:05:f2:17:c5:ec:a7:08:10:16:18:
5f:42:46:86:00:cb:66:03:05:7d:b1:f5:91:79:33:
a5:a0:0f:90:9b:7d:bb:5b:9c:12:2f:dc:38:7e:c0:
1d:99:0e:ed:d8:17:44:90:6c:8e:3f:a2:78:26:c2:
8d:1e:a3:fb:de:0e:44:4e:8e:54:fa:74:4a:18:2e:
88:e7:44:6d:6b:89:2d:83:f4:cd:cb:0b:19:d4:e7:
c5:7b:70:34:e8:b9:20:d3:b2:cb:9f:80:a3:21:ee:
35:76:80:31:fd:79:18:bf:a9:4d:61:0b:f5:a3:b8:
1d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E7:C0:2B:E6:35:A0:6D:11:AE:02:F8:11:04:FF:C4:8F:CA:0A:6E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b0ffd4d-438a-4e2c-b031-fc3262c616f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da18:8000::/36
Signature Algorithm: sha256WithRSAEncryption
00:e7:a7:92:67:8f:f7:2e:c8:7f:81:87:f2:d5:86:40:13:b9:
a6:aa:2d:0d:52:f3:97:a1:cf:71:12:ba:95:41:3e:94:0c:f7:
f2:13:d3:e5:dc:be:a2:62:07:83:e4:40:1e:8d:be:b9:9e:63:
a8:53:1c:a0:97:43:14:e1:0d:0c:ce:ad:a8:ab:e1:cb:be:f2:
c9:15:35:f7:d2:f7:30:4a:81:aa:76:63:be:46:a1:e0:dc:01:
0c:0d:81:28:f7:cb:5f:b6:bf:76:0b:7b:14:45:2f:bb:5b:69:
fe:99:a3:a1:10:fa:fe:93:a4:0b:fd:03:97:9a:90:b9:f6:ea:
1b:a9:de:f2:1b:d0:17:92:75:92:2b:4a:21:5d:71:99:92:f0:
23:bb:5c:ce:b9:01:1f:c8:24:46:b0:b7:99:50:c1:20:0f:c7:
72:07:9d:9e:90:4c:bf:01:86:a2:25:18:21:87:5e:fc:d9:07:
b5:f9:fe:f6:4e:5a:22:8a:1d:30:c0:42:0e:92:e2:4d:2e:05:
3c:54:10:b0:53:3a:da:9b:79:56:4b:23:12:73:b8:79:54:61:
61:a5:ca:cc:bd:61:dd:b3:33:53:07:6f:ca:fd:32:39:31:1c:
26:34:08:3f:c0:24:6a:93:34:8f:38:df:83:55:1a:09:c1:9f:
ea:4a:a3:24
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUDnGlLNIrEwreq7ve46QdgZwBIOowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYzlkNzNjYjIxZDcyNDUxZGMxNGM0
YWRmZDE5ZjAyNGMxNWFhZWJjMjFlNTU0Y2U1YzJlZjUzZWNhZDNkNmJmNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQBLk7kkHUnUMmHe1Sm0X9x0eo7U
9MvSkWzZ3VkXJn7EyhgQVyMUgd9PEHx6ZUKd611ovo+DE5c/rsIplqvbdVMkpzQP
70Hr63jTE4D2uhs2HBbBXgl591MopiIJ+XUYylUoJxXS+LVuaZvXX/gTwb/nM5FI
PSY06cFtUHYiNl8hHZV9jTi0HHaiOAXyF8XspwgQFhhfQkaGAMtmAwV9sfWReTOl
oA+Qm327W5wSL9w4fsAdmQ7t2BdEkGyOP6J4JsKNHqP73g5ETo5U+nRKGC6I50Rt
a4ktg/TNywsZ1OfFe3A06Lkg07LLn4CjIe41doAx/XkYv6lNYQv1o7gdDQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHvnwCvmNaBtEa4C+BEE/8SPygpuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzViMGZmZDRkLTQzOGEtNGUyYy1iMDMxLWZjMzI2MmM2MTZmMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaGIAwDQYJKoZIhvcNAQELBQADggEBAADnp5Jnj/cuyH+Bh/LV
hkATuaaqLQ1S85ehz3ESupVBPpQM9/IT0+XcvqJiB4PkQB6NvrmeY6hTHKCXQxTh
DQzOrair4cu+8skVNffS9zBKgap2Y75GoeDcAQwNgSj3y1+2v3YLexRFL7tbaf6Z
o6EQ+v6TpAv9A5eakLn26hup3vIb0BeSdZIrSiFdcZmS8CO7XM65AR/IJEawt5lQ
wSAPx3IHnZ6QTL8BhqIlGCGHXvzZB7X5/vZOWiKKHTDAQg6S4k0uBTxUELBTOtqb
eVZLIxJzuHlUYWGlysy9Yd2zM1MHb8r9MjkxHCY0CD/AJGqTNI8434NVGgnBn+pK
oyQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:31:15 2025 by rpki-client